CHAPTER 2: STEP 2 – DETERMINE THE SCOPE
Once the initial project scoping workshop is complete, it is equally important to provide a clear understanding of the objectives and the scope for the PCI target environment.
Therefore, it is recommended that you hold another workshop. This workshop should be used to better understand the boundaries, exemptions, third parties relationships, and dependencies but it should be recognised that the scope will probably change from the start of the PCI project upon completion of the project.
It is important to note that an accurate scope is not only essential for your entity to gain maximum benefit from the PCI assessment but is imperative to ensure the project does not drag on for an indefinite amount of time ...
Get PCI DSS: A Practical Guide to implementing and maintaining compliance, Third Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
